package com.character.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.character.service.MenuService;
import com.character.shiro.MyRealm;
import com.character.shiro.ShiroPermsFilter;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.annotation.Resource;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

@Configuration
public class ShiroConfig {
    @Resource
    private MenuService menuService;
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMacther(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        hashedCredentialsMatcher.setHashIterations(1000);
        return hashedCredentialsMatcher;
    }
    @Bean
    public MyRealm myRealm(){
        MyRealm myRealm= new MyRealm();
        myRealm.setCredentialsMatcher(hashedCredentialsMacther());
        return myRealm;
    }
    /**
     * securityManager
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager= new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(myRealm());
        return defaultWebSecurityManager;
    }
    /**
     * shiroFilterFactorybean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager());
        /**
         * 认证过滤器的分类
         * anon:无需认证
         * authc:必须认证才能到达
         * user:使用rememberme的时候才用
         * perms：访问的资源需要某个权限才能到达
         * roles:访问的资源需要某个角色才能到达
         */
        Map<String, Filter> filterMap= new LinkedHashMap<>();
        filterMap.put("perms",new ShiroPermsFilter());
        shiroFilterFactoryBean.setFilters(filterMap);
        Map<String, String> map = new LinkedHashMap<>();
        //放行login
        map.put("/showAdminLogin","anon");
        map.put("/showTesterLogin","anon");
        map.put("/showTestCharacter","anon");
        map.put("/showResultOne","anon");
        map.put("/jquery-3.6.0.js","anon");
        map.put("/unau.html","anon");
        //添加页面需要有添加的权限才能到达

        Set<String> allUrl = menuService.getAllUrl();
        for (String url : allUrl) {
            map.put(url,menuService.getPermByUrl(url));
        }
        //过滤所有的请求
        map.put("/*","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        //修改登录页面
        shiroFilterFactoryBean.setLoginUrl("/showAdminLogin");
        //指定未授权页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/unau.html");
        return shiroFilterFactoryBean;
    }

    /**
     * 设置shiro的方言
     * @return
     */
    @Bean
    public ShiroDialect shiroDialect(){
        return new ShiroDialect();
    }


}
